This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft File: tWQnMiZdQL91ypSp7IEZIRwbmzI.mft (raw, json) Hash identifier: kzvlj7epYk3Ae+GAd+YvpcJaaH4/DrILaKZjV8+zbbg= Subject key identifier: DA:9B:A7:1E:BA:4F:38:65:89:C7:C5:81:6E:45:27:91:CF:6A:EA:73 Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32 Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32 Certificate serial: 2C97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft Manifest number: 2BEE Signing time: Sat 20 Dec 2025 15:25:22 +0000 Manifest this update: Sat 20 Dec 2025 15:25:21 +0000 Manifest next update: Sat 27 Dec 2025 15:25:21 +0000 Files and hashes: 1: tWQnMiZdQL91ypSp7IEZIRwbmzI.crl (hash: +DRQhrsDgspTP5WJouqsETnKfq4u7pLpwa737qomlzE=) 2: E0CC928CABDE11ED954F5C84C4F9AE02.roa (hash: LZsU00B4/gx6lo+GhGlRRaLNP1lXi+x7ZDLzlvJoUls=) 3: 4462F034F0EC11EB9D0B176AC4F9AE02.roa (hash: aSO9wjURcYGva8bAjVzZpymdiAuS5bByHQh+Eq4/Ung=) 4: 13461F60ABDC11EDAE837666C4F9AE02.roa (hash: NyqTZQOkUqWoaM40ZktUlOiopL6FbxfHLQstlqudq2c=) 5: DF821D20ABDE11ED954F5C84C4F9AE02.roa (hash: je3auOg70+6cT16YOal/ttbSxW+A5XuODnJlOPCEZSc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 15:25:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11415 (0x2c97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C128, serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32 Validity Not Before: Dec 20 15:25:21 2025 GMT Not After : Dec 27 15:25:21 2025 GMT Subject: CN=6946bfe1-e86d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:0b:17:70:c2:e1:5a:d1:fe:84:3e:10:a4:17: 11:c8:58:95:9f:84:f4:b6:51:2a:6f:59:3c:3c:71: aa:76:e3:b0:34:b4:3b:8d:6f:f9:84:f2:f5:2a:83: 17:06:4a:ca:34:84:a3:a6:b4:01:0c:cc:ae:7a:ea: ac:61:6f:3b:e8:23:45:37:a8:b1:4a:9c:35:ff:8a: b2:21:c5:d4:7d:2c:db:4c:f4:8f:d0:a4:36:c5:2b: c0:d0:00:4e:fd:88:20:d4:fd:3b:d6:b5:61:8e:6b: 78:22:23:6d:c0:f0:82:42:3b:90:0c:d5:1b:5d:33: 22:4d:4d:a7:14:f5:82:cd:b1:7c:54:8d:92:71:37: 26:51:d3:42:d9:13:f9:bc:7c:ec:ce:7a:05:da:cb: a9:37:f9:33:a1:54:d6:96:d0:33:e0:b9:58:04:33: ed:93:94:d5:73:13:51:1d:29:55:8e:1c:52:be:b1: 85:ff:8c:41:c9:4f:59:2d:76:aa:ac:b4:eb:f8:e5: d4:ef:a1:14:75:84:09:dd:5d:7a:1f:30:14:02:09: cd:ca:4c:cb:f8:3e:72:d6:b0:33:f2:9c:ce:95:18: 90:1f:93:9b:3d:a5:33:15:ca:b6:57:92:5c:84:d8: 1f:39:eb:b5:3d:52:a3:07:b0:86:f7:71:1f:0c:44: 0b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:9B:A7:1E:BA:4F:38:65:89:C7:C5:81:6E:45:27:91:CF:6A:EA:73 X509v3 Authority Key Identifier: keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:0c:5d:8b:15:26:6d:15:aa:e4:38:d6:55:ce:c1:39:45:03: 1f:d1:fa:85:59:12:81:b9:b3:5e:ad:6d:e1:0e:bd:ba:f4:2f: 64:11:3c:ed:6d:8a:76:75:7e:81:53:f9:44:c5:5a:25:eb:e7: f1:74:cd:b9:40:f6:32:2f:b5:d6:42:a8:26:b2:b6:31:31:64: ff:d6:60:3c:1c:bc:a5:4a:ae:3e:bc:48:9f:42:02:d1:a9:af: a2:50:3a:3b:6c:79:94:32:a0:d8:b6:86:11:ff:03:70:44:ab: 6d:b7:a0:fb:70:5a:8a:c0:a6:b6:30:cc:2b:86:8c:1e:b1:a0: 44:15:a2:6c:8b:58:88:c5:73:3a:3c:ee:f2:1d:ca:3d:c0:7d: 06:00:41:7d:61:00:a9:ab:44:de:4c:69:5c:71:09:5a:84:3b: 34:b7:30:eb:35:26:5a:70:5e:f5:01:d8:d2:35:8e:7d:bc:e8: 46:f9:04:88:02:11:7e:7b:dd:c7:24:68:cc:8e:ca:03:8f:48: 4d:84:84:2b:01:2f:62:7d:31:b2:9f:61:0e:6b:87:74:bb:e3: b1:77:83:c6:18:45:8e:16:15:fb:4c:f6:c8:a6:0e:4e:6f:46: 74:9f:4d:af:c3:ca:8b:c3:1f:61:48:80:5f:db:77:2d:e8:3d: 42:63:46:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx MUMxQjlCMzIwHhcNMjUxMjIwMTUyNTIxWhcNMjUxMjI3MTUyNTIxWjAYMRYwFAYD VQQDDA02OTQ2YmZlMS1lODZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArAsXcMLhWtH+hD4QpBcRyFiVn4T0tlEqb1k8PHGqduOwNLQ7jW/5hPL1KoMX BkrKNISjprQBDMyueuqsYW876CNFN6ixSpw1/4qyIcXUfSzbTPSP0KQ2xSvA0ABO /Ygg1P071rVhjmt4IiNtwPCCQjuQDNUbXTMiTU2nFPWCzbF8VI2ScTcmUdNC2RP5 vHzsznoF2supN/kzoVTWltAz4LlYBDPtk5TVcxNRHSlVjhxSvrGF/4xByU9ZLXaq rLTr+OXU76EUdYQJ3V16HzAUAgnNykzL+D5y1rAz8pzOlRiQH5ObPaUzFcq2V5Jc hNgfOeu1PVKjB7CG93EfDEQLvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNqbpx66 TzhlicfFgW5FJ5HPaupzMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QzEyOC82NjRBOUJDQUZBNkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFM OTF5cFNwN0lFWklSd2JtekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7DF2LFSZtFarkONZVzsE5RQMf0fqFWRKBubNerW3hDr269C9kETzt bYp2dX6BU/lExVol6+fxdM25QPYyL7XWQqgmsrYxMWT/1mA8HLylSq4+vEifQgLR qa+iUDo7bHmUMqDYtoYR/wNwRKttt6D7cFqKwKa2MMwrhowesaBEFaJsi1iIxXM6 PO7yHco9wH0GAEF9YQCpq0TeTGlccQlahDs0tzDrNSZacF71AdjSNY59vOhG+QSI AhF+e93HJGjMjsoDj0hNhIQrAS9ifTGyn2EOa4d0u+Oxd4PGGEWOFhX7TPbIpg5O b0Z0n02vw8qLwx9hSIBf23ct6D1CY0YF -----END CERTIFICATE-----Generated at Sun Dec 21 12:01:30 2025 by rpki-client